I am a researcher with the Hybrid Reality Institute, and am working on a start-up in the international development field. Identified: Why They Are Getting To Know Everything About Us, a book I've authored about the global rise of digital identification systems, will be out later this year. It analyzes the impact of the technologies that governments and companies use to see who we are. I track these systems over time to see how they are changing governments, institutions, social norms, and your daily life. Learn more, and sign-up for updates here. Follow me on Twitter — @twadhwa — or check out my website for more articles, talks, and updates. You can reach me at forbes@tarunwadhwa.com.

Your Next Phone Is Likely To Include Fingerprint, Facial, and Voice Recognition

(Source: Vibe.com) What an iPhone with fingerprint scanning might look like

In some ways, it’s a marvel that even half of consumers bother to lock their phones.

The benefits seem obvious enough: by entering a few numbers, you can achieve a basic level of protection from prying eyes. But according to a recent study, 44% of users said that even this was too much of a hassle – worse, 30% weren’t even worried about mobile security at all. From 0000 to 9999 there are 10,000 possible combinations of digits, yet in a sample of 3.4 million passwords, over 10% were cases in which somebody decided that “1234″ was their best choice.

For years now, consumers have been demanding a better way, something more convenient and less time-consuming. As it turns out, they may have had the answer all along without even knowing it – their body parts can serve as their next password. Biometric identification, which works by using the unique characteristics of your body to prove who you are, may be the key to a much more effective system.

In fact, it is an almost certainty that within the next few years, three biometric options will become standard features in every new phone: a fingerprint scanner built into the screen, facial recognition powered by high-definition cameras, and voice recognition based off a large collection of your vocal samples.

This switch would mark a major shift in how we interact with our devices – and if the goal is security, there’s certainly other less extreme, more measured steps that can be taken. But behind the language of needing better passwords is a much bigger push to build trust in the idea that a mobile phone can securely be used for sensitive transactions. Going forward, our mobile phones can serve as the gateway to our health information, location data, government services, and much more. Entire new industries are being built using these devices as the platform.

Americans still lag behind citizens in other developed nations in how they use their phones. But all that means is that there’s a larger opportunity here. If you can have a user feel like James Bond when they touch their screen, they are a lot more likely to believe that a “mobile wallet” is a practical thing.

There are separate questions as to whether these technologies are ready for such a wide-scale deployment. While each have their own strengths and weaknesses, together they provide quite an improvement over the status quo. No system is hacker-proof, but using several biometrics, as opposed to just one or just one password, could go a long way in helping to solve a few of the largest problems we associate with mobile security.

Anytime you are constantly sharing personal information there are potential privacy concerns. With this issue though, the dangers may not be as obvious as they seem at first – after all, biometric identification would be in the form of optional features. And there’s no more direct privacy violation than having your phone stolen, and with it, temporarily losing control over all the social media, financial, and personal accounts you had tied to it.

Whenever Apple, or another giant, decides to fully embrace a biometric solution, the sheer scale and frequency which people will use it will have an enormous impact on the future of how we are identified. When you have your body scanned multiple times a day to send a text or tweet, it becomes harder to see the process as an invasive, potentially perilous influence. In the long march of biometric technology into all corners of our daily life, this may mark the turning point where all of a sudden this type of authentication becomes normal and familiar – and forever change the way we interact with the systems around us.

Post Your Comment

Post Your Reply

Forbes writers have the ability to call out member comments they find particularly interesting. Called-out comments are highlighted across the Forbes network. You'll be notified if your comment is called out.

Comments

No discussion of biometrics for securing mobile devices should overlook their innate fallibility. Every biometric commits two types of errors: False Negatives where they fail to recognise the rightful user, and False Positives where they confuse one user for another. The more secure a system, the less False Positives it will commit, but also the more False negatives it will inflict on the owner, forcing them to retry the face or fingerprint scan before a proper identification can be made.

Convenience and security are inversely linked with biometrics: see lockstep.com.au/blog/2012/05/06/biometrics-must-be-fallible. With mobiles, this trade-off is tricky. Users will lose patience (and confidence) if their phone forces too many retries on them. But when the manufacturer cannot control factors like facial expression, lighting conditions, wear and tear, angle, and grime on the surface of the lens or scanner, the biometric algorithm tends to be biased towards lower false negatives and higher false positives.

The trade-off between security and convenience is not something that biometrics vendors often discuss. On occasion, independent test authorities publish the “detection error tradeoff” curves for different technologies, and they’re very sobering. For fingerprint and face, the tradeoff is usually such that when False Negative Rate is less than 1 in 100 (reasonable convenience), the False Positive Rate rises to over 1 in 10 (shocking security). And that’s just for random attacks. The FBI warns that biometrics lab testing fails to predict how these technologies work in the real world (see http://lockstep.com.au/blog/2013/02/11/technological-imperialism). When leading law enforcement authorities have reservations about how well biometrics resist criminal attack, we need to be cautious about assuming they’re a magic bullet for device security.

This technology ain’t where it’s cracked-up to be. I have to use fingerprinting at work and it usually takes me over a dozen tries to get logged-in or out. I prefer my password/swipe code thank you very much.